CISA: CISA Releases Four Industrial Control Systems Advisories
CISA Releases Four Industrial Control Systems Advisories CISA released four Industrial Control Systems (ICS) advisories on November 28, 2023. These...
CISA: CISA Releases First Secure by Design Alert
CISA Releases First Secure by Design Alert Today, CISA published guidance on How Software Manufacturers Can Shield Web Management Interfaces...
CISA: Exploitation of Unitronics PLCs used in Water and Wastewater Systems
Exploitation of Unitronics PLCs used in Water and Wastewater Systems CISA is responding to active exploitation(link is external) of Unitronics...
CISA: Apple Releases Security Updates for Multiple Products
Apple Releases Security Updates for Multiple Products Apple has released security updates to address vulnerabilities within Safari, macOS Sonoma, iOS,...
CISA: Multiple Vulnerabilities Affecting Web-Based Court Case and Document Management Systems
Multiple Vulnerabilities Affecting Web-Based Court Case and Document Management Systems CISA has assisted a researcher with coordinating the disclosure of...
CISA: CISA Adds Two Known Exploited Vulnerabilities to Catalog
CISA Adds Two Known Exploited Vulnerabilities to Catalog CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based...
CISA: CISA Removes One Known Exploited Vulnerability From Catalog
CISA Removes One Known Exploited Vulnerability From Catalog CISA is continually collaborating with partners across government and the private sector....
CISA: CISA and Partners Release Joint Advisory on IRGC-Affiliated Cyber Actors Exploiting PLCs
CISA and Partners Release Joint Advisory on IRGC-Affiliated Cyber Actors Exploiting PLCs Today, CISA, the Federal Bureau of Investigation (FBI),...
US-CERT Vulnerability Summary for the Week of November 20, 2023
High VulnerabilitiesPrimary Vendor -- ProductDescriptionPublishedCVSS ScoreSource & Patch Infoadobe -- after_effectsAdobe After Effects version 24.0.2 (and earlier) and 23.6 (and...
Akira Ransomware Victim: Bern Hotels & Resort s
NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of the files...
SimpleSAMLphp xml-security security bypass | CVE-2023-49087
NAME__________SimpleSAMLphp xml-security security bypassPlatforms Affected:SimpleSAMLphp xml-security 5.0.0-alpha.12 SimpleSAMLphp xml-security 1.6.11Risk Level:6.8Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION__________SimpleSAMLphp xml-security could allow a remote attacker to...
Perl code execution | CVE-2023-47039
NAME__________Perl code executionPlatforms Affected:Perl Perl 5.34.0 Perl Perl 5.36.0 Perl Perl 5.38.0Risk Level:7.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Perl could allow a local authenticated...
Yokogawa STARDOM denial of service | CVE-2023-5915
NAME__________Yokogawa STARDOM denial of servicePlatforms Affected:Yokogawa STARDOM FCN/FCJ R1.01 Yokogawa STARDOM FCN/FCJ R4.31Risk Level:5.3Exploitability:UnprovenConsequences:Denial of Service DESCRIPTION__________Yokogawa STARDOM is vulnerable...
Pimcore Customer Management Framework cross-site request forgery | CVE-2023-49076
NAME__________Pimcore Customer Management Framework cross-site request forgeryPlatforms Affected:Pimcore Customer Management Framework 4.0.4Risk Level:4.3Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Pimcore Customer Management Framework is vulnerable...
Perl buffer overflow | CVE-2023-47038
NAME__________Perl buffer overflowPlatforms Affected:Perl Perl 5.34.0 Perl Perl 5.36.0 Perl Perl 5.38.0Risk Level:7.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Perl is vulnerable to a heap-based...
Sentry Symbolicator server-side request forgery | CVE-2023-49094
NAME__________Sentry Symbolicator server-side request forgeryPlatforms Affected:Sentry Symbolicator 0.3.3 Sentry Symbolicator 23.11.1Risk Level:4.3Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________Sentry Symbolicator is vulnerable to server-side request...
ASR ASR1803 and ASR1806 Chipsets code execution | CVE-2023-49701
NAME__________ASR ASR1803 and ASR1806 Chipsets code executionPlatforms Affected:ASR ASR1803 ASR ASR1806Risk Level:7.2Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________ASR ASR1803 and ASR1806 Chipsets could allow...
Catalis CMS360 information disclosure | CVE-2023-6341
NAME__________Catalis CMS360 information disclosurePlatforms Affected:Risk Level:5.3Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________Catalis CMS360 could allow a remote attacker to obtain sensitive information, caused by...
Henschen & Associates court document management software information disclosure | CVE-2023-6376
NAME__________Henschen & Associates court document management software information disclosurePlatforms Affected:Risk Level:5.3Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________Henschen & Associates court document management software could...
ASR ASR1803 and ASR1806 Chipsets code execution | CVE-2023-49700
NAME__________ASR ASR1803 and ASR1806 Chipsets code executionPlatforms Affected:ASR ASR1803 ASR ASR1806Risk Level:6.7Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________ASR ASR1803 and ASR1806 Chipsets are vulnerable...
Schweitzer Engineering Laboratories SEL-411L information disclosure | CVE-2023-2267
NAME__________Schweitzer Engineering Laboratories SEL-411L information disclosurePlatforms Affected:Schweitzer Engineering Laboratories SEL-411LRisk Level:4.3Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________Schweitzer Engineering Laboratories SEL-411L could allow a remote...
ASR ASR1803 and ASR1806 Chipsets code execution | CVE-2023-49699
NAME__________ASR ASR1803 and ASR1806 Chipsets code executionPlatforms Affected:ASR ASR1803 ASR ASR1806Risk Level:6.7Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________ASR ASR1803 and ASR1806 Chipsets could allow...
Schweitzer Engineering Laboratories SEL-411L clickjacking | CVE-2023-2265
NAME__________Schweitzer Engineering Laboratories SEL-411L clickjackingPlatforms Affected:Schweitzer Engineering Laboratories SEL-411LRisk Level:4.3Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Schweitzer Engineering Laboratories SEL-411L could allow a remote attacker...
Schweitzer Engineering Laboratories SEL-411L cross-site scripting | CVE-2023-2266
NAME__________Schweitzer Engineering Laboratories SEL-411L cross-site scriptingPlatforms Affected:Schweitzer Engineering Laboratories SEL-411LRisk Level:4.3Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________Schweitzer Engineering Laboratories SEL-411L is vulnerable to cross-site...
